August 2020 – CYNET-CSIRT

AR20-239C: MAR-10257062-1.v2 – North Korean Remote Access Tool: FASTCASH for Windows

Original release date: August 26, 2020DescriptionNotification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind…

Comments Off

August 26, 2020

Analysis Reports

AR20-239B: MAR-10301706-2.v1 – North Korean Remote Access Tool: VIVACIOUSGIFT

Original release date: August 26, 2020DescriptionNotification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind…

Comments Off

August 26, 2020

Analysis Reports

AR20-239A: MAR-10301706-1.v1 – North Korean Remote Access Tool: ECCENTRICBANDWAGON

Original release date: August 26, 2020Description Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any…

Comments Off

August 26, 2020

Current Activity

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

Original release date: August 26, 2020Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control…

Comments Off

August 26, 2020

Alerts

AA20-239A: FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks

Original release date: August 26, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

Comments Off

August 26, 2020

Bulletins

Vulnerability Summary for the Week of August 17, 2020

Original release date: August 24, 2020 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info adobe -- acrobat_dc Adobe Acrobat and Reader versions 2020.009.20074 and…

Comments Off

August 25, 2020

Analysis Reports

AR20-232A: MAR-10295134-1.v1 – North Korean Remote Access Trojan: BLINDINGCAN

Original release date: August 19, 2020Description Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any…

Comments Off

August 19, 2020

Bulletins

Vulnerability Summary for the Week of August 10, 2020

Original release date: August 17, 2020 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info apache -- http_server Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi…

Comments Off

August 18, 2020

Alerts

AA20-227A: Phishing Emails Used to Deploy KONNI Malware

Original release date: August 14, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques.…

Comments Off

August 15, 2020

Current Activity

Malicious Cyber Actors Continue to Target SBA with Fraudulent Schemes

Original release date: August 14, 2020The U.S. Small Business Administration (SBA) is aware of fraudulent schemes and scams targeting its ongoing economic relief efforts. The SBA requests that suspected SBA-related…

Comments Off

August 14, 2020